Over 80% of senior executives agree that the risk of a data breach is higher when employees work remotely, according to a report by Shred-it.
Devices and documents containing sensitive data may get lost or stolen, malware can enter the network via USB drives, and credentials can be stolen from public computers, to name a few of the myriad of threats we may encounter when working with remote teams.
So, what can businesses do to protect their sensitive data, whilst granting employees the opportunity to work from remote locations?
Data Discovery & Classification
Naturally, in order to stand any chance of securing our critical assets, we must know where they are located. There are many commercial solutions available which can automatically discover, classify and encrypt sensitive data such as PII, PHI, PCI, and so on.
Knowing where your sensitive data resides will make it easier to assign, revoke and monitor access privileges, should a device with access to sensitive company data get lost or stolen.
Securing Data in The Cloud
One of the advantages of cloud computing is that it makes it easier for employees to access corporate data from anywhere in the world. Of course, using cloud-based services also comes with its own security risks.
Even when companies have security policies in place to determine how data should be handled in the cloud, a lot of employees have been known to violate those policies. Employees must be well trained to ensure that they are aware of the potential consequences of failing to adhere to company policies.
Additionally, cloud-based authentication systems are sometimes breached, and so companies will need to adopt more sophisticated systems such as multi-factor authentication and ensure that employees are granted the least privileges, they need to adequately perform their duties.
Another issue with storing sensitive data on the cloud is that cloud services often provide limited auditing capabilities. Given that the average enterprise uses around 1,427 different cloud services, it can be very hard for them to maintain a clear view of where their data is located and who has access to it. Fortunately, there are third party change auditing solutions which can audit multiple cloud platforms, such as Office365, OneDrive, AWS and Dropbox, and present a summary of important changes via a single console.
Managing Devices & Drives
These days, employees can use a wide variety of different devices including laptops, mobile phones, tablets, as well as portable storage devices, such as USB sticks. As you might expect, there has been an increase in the number of mobile security threats, such as Ransomware, Firmware, Spyware, and so on.
Companies will need to use mobile device management (MDM) solutions to ensure that the device, including any applications used, or data accessed by the device, is managed/authorized by their IT department. Remote workers must also understand the dangers of attaching unsecured USB drives to the network, as they may contain malware.
Remote workers should be strongly discouraged from accessing the corporate network from a public computer, whether in a library or internet cafe, as these devices may also contain malicious programs such as keyloggers, which can capture login credentials, thus enabling an attacker to gain access to the network. Likewise, hackers often gain access to sensitive information via public Wi-Fi hotspots.
As such, if remote workers need to use a public Wi-Fi connection, they will need to use either a VPN, Tor, SSL or some other encrypted protocol as a means of transferring data between the client and the server.